Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Kris Kennaway (krisobsecurity.org)
Date: Wed May 30 2001 - 15:41:29 CDT
On Wed, May 30, 2001 at 01:35:55PM -0700, Geoff Kuenning wrote:
> > Could you please leave in the mkstemp() as an #ifdef for those systems
> > who have it?
> Only if somebody can convince me that it does a sufficiently better
> job than Werner's code that it's worth having yet another configure
> option. Remember that ispell doesn't auto-configure, so configuration
> choices are a major pain to the user.
Well, it's just that mktemp() gives linker warnings about insecurity
on (at least) FreeBSD and Linux, and that's probably going to cause
people to continue to worry about it (and waste time looking at the
code to decide whether it's safe). The current patch will also bail
if the single filename picked by mktemp() is already taken; mkstemp()
won't do this, so it does provide a small reliability improvement,
If there's no way you'll add in #ifdef HAS_MKSTEMP, then at least
stick in a comment about the mktemp() having been audited.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----